Security News

Cybersecurity news aggregator

HIGH Updates Red Hat Errata

RHSA-2026:21298: Important: openssh security update

This Red Hat security advisory addresses five vulnerabilities in OpenSSH, including a high-severity privilege escalation via the legacy SCP protocol (CVE-2026-35385, CVSS 7.5) and a security bypass via mishandling of the authorized_keys principals option (CVE-2026-35414, CVSS 4.2). According to authoritative NVD data, the affected versions are OpenBSD OpenSSH prior to version 10.3. The fixed version is OpenSSH 10.3.

Red Hat Product Errata
RHSA-2026:21298 - Security Advisory
Issued: 2026-05-27
Updated: 2026-05-27

Synopsis
Important: openssh security update

Type/Severity
Security Advisory: Important

Topic
An update for openssh is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.

Security Fix(es):
OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode (CVE-2026-35385)
OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option (CVE-2026-35414)
OpenSSH: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage (CVE-2026-35387)
OpenSSH: OpenSSH: Low integrity impact from unconfirmed proxy-mode multiplexing sessions (CVE-2026-35388)
OpenSSH: OpenSSH: Arbitrary command execution via shell metacharacters in username (CVE-2026-35386)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

Affected Products
Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64
Red Hat Enterprise Linux Server - TUS 8.8 x86_64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64

Fixes
BZ - 2454469 - CVE-2026-35385 OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode
BZ - 2454490 - CVE-2026-35414 OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option
BZ - 2454494 - CVE-2026-35387 OpenSSH: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage
BZ - 2454500 - CVE-2026-35388 OpenSSH: OpenSSH: Low integrity impact from unconfirmed proxy-mode multiplexing sessions
BZ - 2454506 - CVE-2026-35386 OpenSSH: OpenSSH: Arbitrary command execution via shell metacharacters in username

CVEs
CVE-2026-35385
CVE-2026-35386
CVE-2026-35387
CVE-2026-35388
CVE-2026-35414

References
https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available.
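Added example (not part of the Red Hat advisory or the aggregator's text): the summary gives upstream 10.3 as the fixed version, while the packages this advisory ships are builds of 8.0p1 (openssh-8.0p1-20.el8_8.4), so patch state on these hosts is decided by comparing the package version-release, not the `ssh -V` string. The sketch below uses a simplified RPM version comparison; the function names and the sample query output are constructed for illustration.

```python
import re

# Fixed builds named in this advisory's package list (RHEL 8.8 streams only).
SSH = "8.0p1-20.el8_8.4"
FIXED = {"openssh": SSH, "openssh-clients": SSH, "openssh-server": SSH,
         "pam_ssh_agent_auth": "0.10.3-7.20.el8_8.4"}
# Constructed sample of `rpm -qa --qf '%{NAME} %{EVR}\n'` output.
SAMPLE = """\
openssh 8.0p1-20.el8_8.4
openssh-server 8.0p1-20.el8_8.3
openssh-clients 8.0p1-19.el8_8
pam_ssh_agent_auth 0.10.3-7.20.el8_8.4
"""

def rpmvercmp(a, b):
    """Simplified RPM segment comparison (-1, 0, 1); '^' is not handled."""
    ta, tb = (re.findall(r"\d+|[A-Za-z]+|~", s) for s in (a, b))
    for x, y in zip(ta, tb):
        if x == y:
            continue
        if "~" in (x, y):                  # tilde sorts before everything
            return -1 if x == "~" else 1
        if x.isdigit() != y.isdigit():     # numeric segment beats alphabetic
            return 1 if x.isdigit() else -1
        if x.isdigit():
            x, y = int(x), int(y)          # 10 > 4 numerically, unlike strings
        if x != y:
            return 1 if x > y else -1
    if len(ta) == len(tb):
        return 0
    rest = ta[len(tb):] or tb[len(ta):]    # extra segments: newer unless '~...'
    return 1 if (len(ta) > len(tb)) == (rest[0] != "~") else -1

def evr_cmp(a, b):
    """Compare two [epoch:]version-release strings."""
    def split(evr):
        epoch, _, rest = evr.rpartition(":")
        version, _, release = rest.partition("-")
        return int(epoch or 0), version, release
    (ea, va, ra), (eb, vb, rb) = split(a), split(b)
    if ea != eb:
        return 1 if ea > eb else -1
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)

def unpatched(query_output):
    """Return (name, installed, fixed) for packages older than the fixed build."""
    rows = (line.split() for line in query_output.strip().splitlines())
    return [(n, evr, FIXED[n]) for n, evr in rows
            if n in FIXED and evr_cmp(evr, FIXED[n]) < 0]
```

Other RHEL streams carry their own fixed builds under their own advisories, so the `FIXED` table applies only to the 8.8 products listed here.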
